The volume and variety of application traffic in many networks is ever increasing, thus complicating the task of implementing network security policies in a network. For example, a given application executing on an endpoint device in the network may send traffic to a corresponding application server, which may or may not be allowed by network policy. Notably, factors such as the identity of the device, the user of the device, the application, server information, and the like, may dictate whether the traffic is permitted to traverse the network.
Coinciding with the rapid increase in the volume and variety of application traffic is the rapid proliferation and use of cryptographic techniques with respect to network traffic. Notably, in recent years, the percentage of web traffic that is encrypted has almost doubled each year, to the point that the majority of web traffic now uses some form of encryption. However, from a network security standpoint, the complexity of the various cryptographic protocols and standards makes it extremely difficult for system developers and administrators to understand the actual security levels achieved by real-world systems.